Every bill you pay, every service you buy, every Web application you use requires a login name and password.
To keep them all memorized is impossible.
So there are basically three ways to cope:
- Create a pattern that is repeated with each login. For example, reuse login name and password or portions of it. This works up to a point, but then there is always that one site that requires more characters, more numbers or more letters. Also, this method is less secure because if one login is breached, you potentially become exposed with your other logins.
- Use a small database tool to remember all logins and passwords. This is generally good as long as you can access that database wherever and whenever you need it
- Refuse to create yet one more account. At the very least, I think most of us hesitate before signing up for yet another Web account simply because it is already too unmanageable.
The answer ultimately will lie in some form of a single global sign-on, possibly backed up by some form of physical ID authentication device. Just imagine if every new account you create merely needs to reference the single sign on account which you can easily remember. Your life all of the sudden gets much easier.
Single sign-on technologies basically require sign-on with a single master service and all subsequent services authenticate your ID against that single service. Many corporate environments use this technique already to allow their employees to access a range of internal applications with one sign-on.
However, the capability hasn’t become common in the consumer space, where it’s needed the most.
My question is why hasn't an application gone a few steps further? Why can't I enter my name, address information, telephone, credit card information, etc., into a single sign-on account, and then every subsequent account pulls from that location?
Then, if I was really concerned about security, I could require the single sign-on account to validate charges and such with me via text messaging. Or it could require a physical validation such as an authentication device that I carry attached to my key chain or that resembles a credit card.
My thought is simply that we need a single place that is highly secure where we can maintain all of our personal data. All these ancillary accounts that I use once a month, such as paying my electricity bill, need to be easier to setup and easier to access.
The technology exists.
What do you think about a single sign-on?
Treff LaPlante is president and CEO of Harrisburg-based WorkXpress.